1+ months

Senior Vulnerability Management Lead Analyst - GLO000OK

Roseland, NJ 07068
Apply Now
Apply on the Company Site
  • Job Code
Primary Location United States-New Jersey-Roseland

The CSOC Vulnerability Management Team manages vulnerabilities and server non-compliance across all the businesses of Prudential, domestically and internationally. The Vulnerability Management team has an opening for a Senior Lead Analyst who will join our growing team and expanding program. The ideal candidate will have a minimum 5-10 years working in the vulnerability management space.

You will need to have a strong knowledge and experience with vulnerability management and processes, Unix and Linux operating systems, configuration management and vulnerability scanning are required. Knowledge of cloud and infrastructure support systems and network devices such as FW, WAFs, IDS/IPS, etc. is also required.  Along with your technical knowledge, attention to details and follow-up are core requirements to this role. You should have strong leadership, project and team-building skills which includes leading team members and driving results.

This role will provide technical expertise and work directly with Linux and Unix infrastructure support teams, cloud and on-prem as well as drive the vulnerability management program for remediations across the enterprise. You will work with directly with junior team members as subject matter expert as well as lead for resolution of vulnerabilities, configuration and troubleshooting, and assessment. Your role will support the team across the entire life cycle of vulnerability and configuration management including knowledge and expertise in our tools, asset management, scanning, mitigating controls to assess threat, review of remediation timelines for application related vulnerabilities, projects and reporting. You will be required to track and work with team members and Linux and Unix support teams for patching and remediation across all the businesses of Prudential as subject matter expert and liaison.


This role will also manage special projects and act as lead for junior team members.



  • Validate proper mitigation controls are in place until remediation activities are complete.

  • Act as the point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business groups

  • Gold Image Review and patch deployments for Linux/Unix on-prem and cloud and identification and remediation of vulnerabilities specific to infrastructure configurations. SME for application and packages related to Linux/Unix platforms.

  • Provide leadership and direction on initiatives relating to information security and the Vulnerability Management Program.

  • Demonstrated understanding of Unix/Linux operating system and infrastructure/cloud vulnerability scanning and configuration

  • Strong knowledge of security technologies and architecture. Knowledge of IDS/IPS, DNS, DCHP, DMZ architecture, Active Directory, Proxies, Cloud architecture technologies and VPNs to name a few.

  • Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support. Revise processes and procedures, metrics, and documentation that continue to improve the vulnerability management capability.

  • Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls

  • Strong understanding of network services, vulnerabilities and attacks. Knowledge of application exploits and vulnerabilities. Knowledge of ports and services typical in configuration of web servers, file servers, and workstations

  • Understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation

  • Work with IT peers and business stakeholders to ensure remediation efforts adhere to corporate standards and policies

  • Ability to collaborate extensively with engineering teams to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies.

  • You will support implementation and operations best practices while taking ownership of tasks and/or project work-streams, assist and perform analysis and diagnosis of issues related to technology configuration, setup, procedural and/or process challenges, and contribute to deliverables of the team

  • Implement security improvements by assessing current situation, evaluating trends, and anticipating requirements.

  • Candidates must be familiar with CVEs, CVSS, and Mitre as well as other industry specific vulnerability classification standards, frameworks, and best-practices



Additional Skills and Abilities

  • Identifies opportunities for process and technical security improvements in the environment

  • Excellent communication, presentation, writing and documentation skills

  • Follow-up and attention to detail.

  • Good deductive reasoning skills, creative thinker.

  • Analytical and detail-oriented individuals must have a passion for information security, creativity to identify gaps and initiative to find the appropriate solutions to fill needs

  • Bachelors degree or higher in IT, CS, IS, with a focus in cyber security. Certifications a plus.

@!*!Prudential is a multinational financial services leader with operations in the United States Asia Europe and Latin America. Leveraging its heritage of life insurance and asset management expertise Prudential is focused on helping individual and institutional customers grow and protect their wealth. The companys well-known Rock symbol is an icon of strength stability expertise and innovation that has stood the test of time. Prudential's businesses offer a variety of products and services including life insurance annuities retirement-related services mutual funds asset management and real estate services. For more information please visit www.prudential.com.

Prudential is not accepting unsolicited resumes from search firms for this open position unless contracted with Staffing. Agencies must work with Staffing as the primary point of contact and follow the Prudential application process to be considered for business. All resumes submitted by search firms to any employee at Prudential via-email Internet or directly to hiring managers in any form without a valid written search agreement in place for that position will be deemed the sole property of Prudential and no fee will be paid in the event the candidate is hired by Prudential.
Note: Any search agreement entered into with Prudential before January 2004 is null and void. Search firms are essential to the recruitment and staffing efforts at Prudential and we value the partnerships we have built with our preferred vendors. Prudential has established and regularly maintains a preferred vendor list and even preferred vendors need to have a written search agreement signed by the Director Recruiting Programs Staffing at Prudential in place for the specific position in order for a fee to be paid for any candidate referrals.
Job Posting:@false

Posted: 2020-09-09 Expires: 2020-11-07
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Vulnerability Management Lead Analyst - GLO000OK

Roseland, NJ 07068

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast